httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Hooper <Paul.Hoo...@one2one.co.uk>
Subject RE: ssl is broken
Date Wed, 03 Oct 2001 14:22:30 GMT
Yeah, yeah

-----Original Message-----
From: Ryan Bloom [mailto:rbb@covalent.net]
Sent: 03 October 2001 15:24
To: dev@httpd.apache.org; Justin Erenkrantz
Subject: Re: ssl is broken


On Tuesday 02 October 2001 10:11 pm, Justin Erenkrantz wrote:
> On Wed, Oct 03, 2001 at 12:51:09AM -0400, MATHIHALLI,MADHUSUDAN
(HP-Cupertino,ex1) wrote:
> > I'm running into all sorts of filter problems. The initial client
request
> > is itself not received completely.. For ex., the apr_bucket_read
> > (ssl_engine_io.c:218) returns 20 bytes when the client has sent 103
> > bytes.
> >
> > The ssl_hook_process_connection (mod_ssl.c:360) returns with a error to
> > read more (which is not being handled right now). This is a problem as
> > the SSL filter expects that *all* the data sent by the client is
received
> > in one complete chunk..
> >
> > If I try forcing the bucket_read again (incase of a SSL_WANT_READ
error),
> > it's still not able to read the full data.
>
> Whenever mod_ssl is handling the request, it needs to remove CORE_IN
> and be able to match CORE_IN's functionality (i.e. handle the same
> modes as CORE_IN).  This is how I would expect it to work given the
> new implementation.

This is bogus.  The whole point of the SSL module being written to use
BIO's,
was that it doesn't need to replace CORE_IN.

Ryan
______________________________________________________________
Ryan Bloom				rbb@apache.org
Covalent Technologies			rbb@covalent.net
--------------------------------------------------------------



NOTICE AND DISCLAIMER:
This email (including attachments) is confidential.  If you have received
this email in error please notify the sender immediately and delete this
email from your system without copying or disseminating it or placing any
reliance upon its contents.  We cannot accept liability for any breaches of
confidence arising through use of email.  Any opinions expressed in this
email (including attachments) are those of the author and do not necessarily
reflect our opinions.  We will not accept responsibility for any commitments
made by our employees outside the scope of our business.  We do not warrant
the accuracy or completeness of such information.



Mime
View raw message